Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 459784 - sys-libs/pam forces pie builds for all programs
Summary: sys-libs/pam forces pie builds for all programs
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: sh Linux
: Normal normal (vote)
Assignee: PAM Gentoo Team (OBSOLETE)
Depends on:
Reported: 2013-02-28 20:17 UTC by Agostino Sarubbo
Modified: 2015-05-17 03:17 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

build log (pam-1.1.6-r2:20130227-133645.log,317.46 KB, text/plain)
2013-02-28 20:28 UTC, Agostino Sarubbo

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-02-28 20:17:11 UTC
* QA Notice: The following files contain runtime text relocations
 *  Text relocations force the dynamic linker to perform extra
 *  work at startup, waste system resources, and may pose a security
 *  risk.  On some architectures, the code may not even function
 *  properly, if at all.
 *  For more information, see
 *  Please include the following list of files in your report:
 * TEXTREL lib/security/pam_filter/upperLOWER
 * TEXTREL sbin/unix_update
 * TEXTREL sbin/pam_timestamp_check
 * TEXTREL sbin/unix_chkpwd
 * QA Notice: Package triggers severe warnings which indicate that it
 *            may exhibit random runtime failures.
 * misc_conv.c:213:13: warning: the address of 'line' will always evaluate as 'true' [-Waddress]
 * misc_conv.c:325:6: warning: the address of 'binary_prompt' will always evaluate as 'true' [-Waddress]
 * Please do not file a Gentoo bug and instead report the above QA
 * issues directly to the upstream developers of this software.
 * Homepage:

Portage (default/linux/sh/13.0, gcc-4.6.3, glibc-2.11.3, sh4)
System uname: Linux-
KiB Mem:       60920 total,      9468 free
KiB Swap:     999928 total,    989920 free
Timestamp of tree: Sat, 23 Feb 2013 09:00:01 +0000
ld GNU ld (GNU Binutils) 2.22
ccache version 3.1.9 [disabled]
app-shells/bash:          4.2_p37
dev-lang/python:          2.7.3-r2, 3.2.3
dev-util/ccache:          3.1.9
dev-util/cmake:           2.8.9
dev-util/pkgconfig:       0.28
sys-apps/baselayout:      2.1-r1
sys-apps/openrc:          0.11.8
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.13, 2.69
sys-devel/automake:       1.11.6
sys-devel/binutils:       2.22-r1
sys-devel/gcc:            4.5.3-r1, 4.6.3
sys-devel/gcc-config:     1.7.3
sys-devel/libtool:        2.4-r1
sys-devel/make:           3.82-r4
sys-kernel/linux-headers: 3.6 (virtual/os-headers)
sys-libs/glibc:           2.11.3
Repositories: gentoo
CFLAGS="-O2 -m4 -pipe"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -m4 -pipe"
EMERGE_DEFAULT_OPTS="--with-bdeps y --keep-going y -1 --quiet-fail y"
FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch protect-owned sandbox sfperms split-log strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync"
LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
USE="acl berkdb bzip2 cli cracklib crypt cxx fortran gdbm gpm iconv ipv6 modules mudflap ncurses nls nossp nptl openmp pam pcre readline session sh ssl tcpd unicode zlib" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" PHP_TARGETS="php5-3 php5-4" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_2" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="dummy fbdev v4l"
USE_PYTHON="2.7 3.2"
Comment 1 Agostino Sarubbo gentoo-dev 2013-02-28 20:28:05 UTC
Created attachment 340566 [details]
build log
Comment 2 Diego Elio Pettenò (RETIRED) gentoo-dev 2013-03-01 06:40:13 UTC
Mike does SH support PIE? HPPA seems like they don't and we disable it as is ...
Comment 3 Diego Elio Pettenò (RETIRED) gentoo-dev 2013-03-01 06:40:34 UTC
Otherwise I guess I could just disable pie support from PAM and just leave it to Hardened..
Comment 4 SpanKY gentoo-dev 2013-03-03 06:59:17 UTC
(In reply to comment #2)

SuperH somewhat supports PIE.  its apps will run link/load/run fine, but there are textrels in the init code -- see bug 336641

imo, if the program isn't set*id, there's no reason to force PIE for non-hardened system.  i can't see any of these pam utils falling into that category.
Comment 5 SpanKY gentoo-dev 2015-05-17 03:17:31 UTC
should be all set now in the tree; thanks for the report!

Commit message: Respect USE=pie